[apple/xnu.git] / bsd / kern / kern_shutdown.c

/*
 * Copyright (c) 2000-2006 Apple Computer, Inc. All rights reserved.
 *
 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
 * 
 * This file contains Original Code and/or Modifications of Original Code
 * as defined in and that are subject to the Apple Public Source License
 * Version 2.0 (the 'License'). You may not use this file except in
 * compliance with the License. The rights granted to you under the License
 * may not be used to create, or enable the creation or redistribution of,
 * unlawful or unlicensed copies of an Apple operating system, or to
 * circumvent, violate, or enable the circumvention or violation of, any
 * terms of an Apple operating system software license agreement.
 * 
 * Please obtain a copy of the License at
 * http://www.opensource.apple.com/apsl/ and read it before using this file.
 * 
 * The Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
 * Please see the License for the specific language governing rights and
 * limitations under the License.
 * 
 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
 */
/*
 *	File:	bsd/kern/kern_shutdown.c
 *
 *	Copyright (C) 1989, NeXT, Inc.
 *
 */

#include <sys/param.h>
#include <sys/systm.h>
#include <sys/kernel.h>
#include <sys/vm.h>
#include <sys/proc_internal.h>
#include <sys/user.h>
#include <sys/reboot.h>
#include <sys/conf.h>
#include <sys/vnode_internal.h>
#include <sys/file_internal.h>
#include <sys/clist.h>
#include <sys/callout.h>
#include <sys/mbuf.h>
#include <sys/msgbuf.h>
#include <sys/ioctl.h>
#include <sys/signal.h>
#include <sys/tty.h>
#include <kern/task.h>
#include <sys/quota.h>
#include <vm/vm_kern.h>
#include <mach/vm_param.h>
#include <sys/filedesc.h>
#include <mach/host_priv.h>
#include <mach/host_reboot.h>

#include <security/audit/audit.h>

#include <kern/sched_prim.h>		/* for thread_block() */
#include <kern/host.h>			/* for host_priv_self() */
#include <net/if_var.h>			/* for if_down_all() */
#include <sys/buf_internal.h>		/* for count_busy_buffers() */
#include <sys/mount_internal.h>		/* for vfs_unmountall() */
#include <mach/task.h>			/* for task_suspend() */
#include <sys/sysproto.h>		/* abused for sync() */
#include <kern/clock.h>			/* for delay_for_interval() */
#include <libkern/OSAtomic.h>

#include <sys/kdebug.h>

uint32_t system_inshutdown = 0;

/* XXX should be in a header file somewhere, but isn't */
extern void (*unmountroot_pre_hook)(void);

unsigned int proc_shutdown_exitcount = 0;

static int  sd_openlog(vfs_context_t);
static int  sd_closelog(vfs_context_t);
static void sd_log(vfs_context_t, const char *, ...);
static void proc_shutdown(void);
static void kernel_hwm_panic_info(void);
extern void IOSystemShutdownNotification(void);

struct sd_filterargs{
	int delayterm;
	int shutdownstate;
};


struct sd_iterargs {
	int signo;		/* the signal to be posted */
	int setsdstate;  	/* shutdown state to be set */
	int countproc;		/* count processes on action */
	int activecount; 	/* number of processes on which action was done */
};

static vnode_t sd_logvp = NULLVP;
static off_t sd_log_offset = 0;


static int sd_filt1(proc_t, void *);
static int sd_filt2(proc_t, void *);
static int  sd_callback1(proc_t p, void * arg);
static int  sd_callback2(proc_t p, void * arg);
static int  sd_callback3(proc_t p, void * arg);

extern boolean_t panic_include_zprint;
extern vm_offset_t panic_kext_memory_info;
extern vm_size_t panic_kext_memory_size; 

static void
kernel_hwm_panic_info(void)
{
	mach_memory_info_t      *memory_info;
	unsigned int            num_sites;
	kern_return_t           kr;

	panic_include_zprint = TRUE;
	panic_kext_memory_info = 0;
	panic_kext_memory_size = 0;

	num_sites = VM_KERN_MEMORY_COUNT + VM_KERN_COUNTER_COUNT;
	panic_kext_memory_size = round_page(num_sites * sizeof(mach_zone_info_t));
	
	kr = kmem_alloc(kernel_map, (vm_offset_t *) &panic_kext_memory_info, panic_kext_memory_size, VM_KERN_MEMORY_OSFMK);
	if (kr != KERN_SUCCESS) {
		panic_kext_memory_info = 0;
		return;
	}
	memory_info = (mach_memory_info_t *)panic_kext_memory_info;
	vm_page_diagnose(memory_info, num_sites);
	return;
}

int
reboot_kernel(int howto, char *message)
{
	int hostboot_option=0;

	if (!OSCompareAndSwap(0, 1, &system_inshutdown)) {
		if ( (howto&RB_QUICK) == RB_QUICK)
			goto force_reboot;
		return (EBUSY);
	}
	/*
	 * Temporary hack to notify the power management root domain
	 * that the system will shut down.
	 */
	IOSystemShutdownNotification();

	if ((howto&RB_QUICK)==RB_QUICK) {
		printf("Quick reboot...\n");
		if ((howto&RB_NOSYNC)==0) {
			sync((proc_t)NULL, (void *)NULL, (int *)NULL);
		}
	}
	else if ((howto&RB_NOSYNC)==0) {
		int iter, nbusy;

		printf("syncing disks... ");

		/*
		 * Release vnodes held by texts before sync.
		 */

		/* handle live procs (deallocate their root and current directories), suspend initproc */
		proc_shutdown();

#if CONFIG_AUDIT
		audit_shutdown();
#endif

		if (unmountroot_pre_hook != NULL)
			unmountroot_pre_hook();

		sync((proc_t)NULL, (void *)NULL, (int *)NULL);

		if (kdebug_enable)
			kdbg_dump_trace_to_file("/var/log/shutdown/shutdown.trace");

		/*
		 * Unmount filesystems
		 */
		vfs_unmountall();

		/* Wait for the buffer cache to clean remaining dirty buffers */
		for (iter = 0; iter < 100; iter++) {
			nbusy = count_busy_buffers();
			if (nbusy == 0)
				break;
			printf("%d ", nbusy);
			delay_for_interval( 1 * nbusy, 1000 * 1000);
		}
		if (nbusy)
			printf("giving up\n");
		else
			printf("done\n");
	}
#if NETWORKING
	/*
	 * Can't just use an splnet() here to disable the network
	 * because that will lock out softints which the disk
	 * drivers depend on to finish DMAs.
	 */
	if_down_all();
#endif /* NETWORKING */

force_reboot:

	if (howto & RB_PANIC) {
		if (strncmp(message, "Kernel memory has exceeded limits", 33) == 0) {
			kernel_hwm_panic_info();
		}
		panic ("userspace panic: %s", message);
	}

	if (howto & RB_POWERDOWN)
		hostboot_option = HOST_REBOOT_HALT;
	if (howto & RB_HALT)
		hostboot_option = HOST_REBOOT_HALT;

	if (howto & RB_UPSDELAY) {
		hostboot_option = HOST_REBOOT_UPSDELAY;
	}

	host_reboot(host_priv_self(), hostboot_option);
	/*
	 * should not be reached
	 */
	return (0);
}

static int
sd_openlog(vfs_context_t ctx)
{
	int error = 0;
	struct timeval tv;
	
	/* Open shutdown log */
	if ((error = vnode_open(PROC_SHUTDOWN_LOG, (O_CREAT | FWRITE | O_NOFOLLOW), 0644, 0, &sd_logvp, ctx))) {
		printf("Failed to open %s: error %d\n", PROC_SHUTDOWN_LOG, error);
		sd_logvp = NULLVP;
		return error;
	}

	vnode_setsize(sd_logvp, (off_t)0, 0, ctx);

	/* Write a little header */
	microtime(&tv);
	sd_log(ctx, "Process shutdown log.  Current time is %lu (in seconds).\n\n", tv.tv_sec);

	return 0;
}

static int
sd_closelog(vfs_context_t ctx)
{
	int error = 0;
	if (sd_logvp != NULLVP) {
		VNOP_FSYNC(sd_logvp, MNT_WAIT, ctx);
		error = vnode_close(sd_logvp, FWRITE, ctx);
	}

	return error;
}

static void
sd_log(vfs_context_t ctx, const char *fmt, ...) 
{
	int resid, log_error, len;
	char logbuf[100];
	va_list arglist;

	/* If the log isn't open yet, open it */
	if (sd_logvp == NULLVP) {
		if (sd_openlog(ctx) != 0) {
			/* Couldn't open, we fail out */
			return;
		}
	}

	va_start(arglist, fmt);
	len = vsnprintf(logbuf, sizeof(logbuf), fmt, arglist);
	log_error = vn_rdwr(UIO_WRITE, sd_logvp, (caddr_t)logbuf, len, sd_log_offset,
			UIO_SYSSPACE, IO_UNIT | IO_NOAUTH, vfs_context_ucred(ctx), &resid, vfs_context_proc(ctx));
	if (log_error == EIO || log_error == 0) {
		sd_log_offset += (len - resid);
	}

	va_end(arglist);

}

static int
sd_filt1(proc_t p, void * args)
{
	proc_t self = current_proc();
	struct sd_filterargs * sf = (struct sd_filterargs *)args;
	int delayterm = sf-> delayterm;
	int shutdownstate = sf->shutdownstate;

	if (((p->p_flag&P_SYSTEM) != 0) || (p->p_ppid == 0) 
		||(p == self) || (p->p_stat == SZOMB) 
		|| (p->p_shutdownstate != shutdownstate) 
		||((delayterm == 0) && ((p->p_lflag& P_LDELAYTERM) == P_LDELAYTERM))
		|| ((p->p_sigcatch & sigmask(SIGTERM))== 0)) {
			return(0);
		}
        else 
                return(1);
}


static int  
sd_callback1(proc_t p, void * args)
{
	struct sd_iterargs * sd = (struct sd_iterargs *)args;
	int signo = sd->signo;
	int setsdstate = sd->setsdstate;
	int countproc = sd->countproc;

	proc_lock(p);
	p->p_shutdownstate = setsdstate;
	if (p->p_stat != SZOMB) {
		proc_unlock(p);
		if (countproc != 0) {
			proc_list_lock();
			p->p_listflag |= P_LIST_EXITCOUNT;
			proc_shutdown_exitcount++;
			proc_list_unlock();
		}

		psignal(p, signo);
		if (countproc !=  0)
			sd->activecount++;
	} else
		proc_unlock(p);
	return(PROC_RETURNED);
}

static int
sd_filt2(proc_t p, void * args)
{
	proc_t self = current_proc();
	struct sd_filterargs * sf = (struct sd_filterargs *)args;
	int delayterm = sf-> delayterm;
	int shutdownstate = sf->shutdownstate;

	if (((p->p_flag&P_SYSTEM) != 0) || (p->p_ppid == 0) 
		||(p == self) || (p->p_stat == SZOMB) 
		|| (p->p_shutdownstate == shutdownstate) 
		||((delayterm == 0) && ((p->p_lflag& P_LDELAYTERM) == P_LDELAYTERM))) {
			return(0);
		}
        else
                return(1);
}

static int  
sd_callback2(proc_t p, void * args)
{
	struct sd_iterargs * sd = (struct sd_iterargs *)args;
	int signo = sd->signo;
	int setsdstate = sd->setsdstate;
	int countproc = sd->countproc;

	proc_lock(p);
	p->p_shutdownstate = setsdstate;
	if (p->p_stat != SZOMB) {
		proc_unlock(p);
		if (countproc !=  0) {
			proc_list_lock();
			p->p_listflag |= P_LIST_EXITCOUNT;
			proc_shutdown_exitcount++;
			proc_list_unlock();
		}
		psignal(p, signo);
		if (countproc !=  0)
			sd->activecount++;
	} else
		proc_unlock(p);

	return(PROC_RETURNED);

}

static int  
sd_callback3(proc_t p, void * args)
{
	struct sd_iterargs * sd = (struct sd_iterargs *)args;
	vfs_context_t ctx = vfs_context_current();

	int setsdstate = sd->setsdstate;

	proc_lock(p);
	p->p_shutdownstate = setsdstate;
	if (p->p_stat != SZOMB) {
	       /*
		* NOTE: following code ignores sig_lock and plays
		* with exit_thread correctly.  This is OK unless we
		* are a multiprocessor, in which case I do not
		* understand the sig_lock.  This needs to be fixed.
		* XXX
		*/
		if (p->exit_thread) {	/* someone already doing it */
			proc_unlock(p);
			/* give him a chance */
			thread_block(THREAD_CONTINUE_NULL);
		} else {
			p->exit_thread = current_thread();
			printf(".");

			sd_log(ctx, "%s[%d] had to be forced closed with exit1().\n", p->p_comm, p->p_pid);

			proc_unlock(p);
			KERNEL_DEBUG_CONSTANT(BSDDBG_CODE(DBG_BSD_PROC, BSD_PROC_FRCEXIT) | DBG_FUNC_NONE,
					      p->p_pid, 0, 1, 0, 0);
			sd->activecount++;
			exit1(p, 1, (int *)NULL);
		}
	} else
		proc_unlock(p);

	return(PROC_RETURNED);
}


/*
 * proc_shutdown()
 *
 *	Shutdown down proc system (release references to current and root
 *	dirs for each process).
 *
 * POSIX modifications:
 *
 *	For POSIX fcntl() file locking call vno_lockrelease() on 
 *	the file to release all of its record locks, if any.
 */

static void
proc_shutdown(void)
{
	vfs_context_t ctx = vfs_context_current();
	struct proc *p, *self;
	int delayterm = 0;
	struct sd_filterargs sfargs;
	struct sd_iterargs sdargs;
	int error = 0;
	struct timespec ts;

	/*
	 *	Kill as many procs as we can.  (Except ourself...)
	 */
	self = (struct proc *)current_proc();
	
	/*
	 * Signal the init with SIGTERM so that he does not launch
	 * new processes 
	 */
	p = proc_find(1);
	if (p && p != self) {
		psignal(p, SIGTERM);
	}
	proc_rele(p);

	printf("Killing all processes ");

sigterm_loop:
	/*
	 * send SIGTERM to those procs interested in catching one
	 */
	sfargs.delayterm = delayterm;
	sfargs.shutdownstate = 0;
	sdargs.signo = SIGTERM;
	sdargs.setsdstate = 1;
	sdargs.countproc = 1;
	sdargs.activecount = 0;

	error = 0;
	/* post a SIGTERM to all that catch SIGTERM and not marked for delay */
	proc_rebootscan(sd_callback1, (void *)&sdargs, sd_filt1, (void *)&sfargs);

	if (sdargs.activecount != 0 && proc_shutdown_exitcount!= 0) {
		proc_list_lock();
		if (proc_shutdown_exitcount != 0) {
			/*
	 		* now wait for up to 30 seconds to allow those procs catching SIGTERM
	 		* to digest it
	 		* as soon as these procs have exited, we'll continue on to the next step
	 		*/
			ts.tv_sec = 30;
			ts.tv_nsec = 0;
			error = msleep(&proc_shutdown_exitcount, proc_list_mlock, PWAIT, "shutdownwait", &ts);
			if (error != 0) {
				for (p = allproc.lh_first; p; p = p->p_list.le_next) {
					if ((p->p_listflag & P_LIST_EXITCOUNT) == P_LIST_EXITCOUNT)
						p->p_listflag &= ~P_LIST_EXITCOUNT;
				}
				for (p = zombproc.lh_first; p; p = p->p_list.le_next) {
					if ((p->p_listflag & P_LIST_EXITCOUNT) == P_LIST_EXITCOUNT)
						p->p_listflag &= ~P_LIST_EXITCOUNT;
				}
			}
			
		}
		proc_list_unlock();
	}
	if (error == ETIMEDOUT) {
		/*
		 * log the names of the unresponsive tasks
		 */


		proc_list_lock();

		for (p = allproc.lh_first; p; p = p->p_list.le_next) {
			if (p->p_shutdownstate == 1) {
				printf("%s[%d]: didn't act on SIGTERM\n", p->p_comm, p->p_pid);
				sd_log(ctx, "%s[%d]: didn't act on SIGTERM\n", p->p_comm, p->p_pid);
			}
		}

		proc_list_unlock();

		delay_for_interval(1000 * 5, 1000 * 1000);
	}

	/*
	 * send a SIGKILL to all the procs still hanging around
	 */
	sfargs.delayterm = delayterm;
	sfargs.shutdownstate = 2;
	sdargs.signo = SIGKILL;
	sdargs.setsdstate = 2;
	sdargs.countproc = 1;
	sdargs.activecount = 0;

	/* post a SIGKILL to all that catch SIGTERM and not marked for delay */
	proc_rebootscan(sd_callback2, (void *)&sdargs, sd_filt2, (void *)&sfargs);

	if (sdargs.activecount != 0 && proc_shutdown_exitcount!= 0) {
		proc_list_lock();
		if (proc_shutdown_exitcount != 0) {
			/*
	 		* wait for up to 60 seconds to allow these procs to exit normally
	 		*
	 		* History:	The delay interval was changed from 100 to 200
	 		*		for NFS requests in particular.
	 		*/
			ts.tv_sec = 60;
			ts.tv_nsec = 0;
			error = msleep(&proc_shutdown_exitcount, proc_list_mlock, PWAIT, "shutdownwait", &ts);
			if (error != 0) {
				for (p = allproc.lh_first; p; p = p->p_list.le_next) {
					if ((p->p_listflag & P_LIST_EXITCOUNT) == P_LIST_EXITCOUNT)
						p->p_listflag &= ~P_LIST_EXITCOUNT;
				}
				for (p = zombproc.lh_first; p; p = p->p_list.le_next) {
					if ((p->p_listflag & P_LIST_EXITCOUNT) == P_LIST_EXITCOUNT)
						p->p_listflag &= ~P_LIST_EXITCOUNT;
				}
			}
		}
		proc_list_unlock();
	}

	/*
	 * if we still have procs that haven't exited, then brute force 'em
	 */
	sfargs.delayterm = delayterm;
	sfargs.shutdownstate = 3;
	sdargs.signo = 0;
	sdargs.setsdstate = 3;
	sdargs.countproc = 0;
	sdargs.activecount = 0;

	/* post a SIGTERM to all that catch SIGTERM and not marked for delay */
	proc_rebootscan(sd_callback3, (void *)&sdargs, sd_filt2, (void *)&sfargs);
	printf("\n");

	/* Now start the termination of processes that are marked for delayed termn */
	if (delayterm == 0) {
		delayterm = 1;
		goto  sigterm_loop;
	}

	sd_closelog(ctx);

	/*
	 * Now that all other processes have been terminated, suspend init
	 */
	task_suspend_internal(initproc->task);

	/* drop the ref on initproc */
	proc_rele(initproc);
	printf("continuing\n");
}
Commit	Line	Data
1c79356b	1	/*
2d21ac55	2	* Copyright (c) 2000-2006 Apple Computer, Inc. All rights reserved.
5d5c5d0d	3	*
2d21ac55	4	* @APPLE_OSREFERENCE_LICENSE_HEADER_START@
1c79356b	5	*
2d21ac55 A	6	* This file contains Original Code and/or Modifications of Original Code
	7	* as defined in and that are subject to the Apple Public Source License
	8	* Version 2.0 (the 'License'). You may not use this file except in
	9	* compliance with the License. The rights granted to you under the License
	10	* may not be used to create, or enable the creation or redistribution of,
	11	* unlawful or unlicensed copies of an Apple operating system, or to
	12	* circumvent, violate, or enable the circumvention or violation of, any
	13	* terms of an Apple operating system software license agreement.
8f6c56a5	14	*
2d21ac55 A	15	* Please obtain a copy of the License at
	16	* http://www.opensource.apple.com/apsl/ and read it before using this file.
	17	*
	18	* The Original Code and all software distributed under the License are
	19	* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
8f6c56a5 A	20	* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
8f6c56a5 A	21	* INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
2d21ac55 A	22	* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
	23	* Please see the License for the specific language governing rights and
	24	* limitations under the License.
8f6c56a5	25	*
2d21ac55	26	* @APPLE_OSREFERENCE_LICENSE_HEADER_END@
1c79356b A	27	*/
	28	/*
	29	* File: bsd/kern/kern_shutdown.c
	30	*
	31	* Copyright (C) 1989, NeXT, Inc.
	32	*
	33	*/
	34
	35	#include <sys/param.h>
	36	#include <sys/systm.h>
	37	#include <sys/kernel.h>
	38	#include <sys/vm.h>
91447636	39	#include <sys/proc_internal.h>
1c79356b	40	#include <sys/user.h>
1c79356b A	41	#include <sys/reboot.h>
1c79356b A	42	#include <sys/conf.h>
91447636 A	43	#include <sys/vnode_internal.h>
91447636 A	44	#include <sys/file_internal.h>
1c79356b A	45	#include <sys/clist.h>
	46	#include <sys/callout.h>
	47	#include <sys/mbuf.h>
	48	#include <sys/msgbuf.h>
	49	#include <sys/ioctl.h>
	50	#include <sys/signal.h>
	51	#include <sys/tty.h>
	52	#include <kern/task.h>
9bccf70c	53	#include <sys/quota.h>
1c79356b A	54	#include <vm/vm_kern.h>
	55	#include <mach/vm_param.h>
	56	#include <sys/filedesc.h>
91447636	57	#include <mach/host_priv.h>
1c79356b	58	#include <mach/host_reboot.h>
91447636	59
b0d623f7	60	#include <security/audit/audit.h>
1c79356b	61
2d21ac55 A	62	#include <kern/sched_prim.h> /* for thread_block() */
	63	#include <kern/host.h> /* for host_priv_self() */
	64	#include <net/if_var.h> /* for if_down_all() */
	65	#include <sys/buf_internal.h> /* for count_busy_buffers() */
	66	#include <sys/mount_internal.h> /* for vfs_unmountall() */
	67	#include <mach/task.h> /* for task_suspend() */
	68	#include <sys/sysproto.h> /* abused for sync() */
	69	#include <kern/clock.h> /* for delay_for_interval() */
6d2010ae	70	#include <libkern/OSAtomic.h>
2d21ac55	71
b0d623f7 A	72	#include <sys/kdebug.h>
b0d623f7 A	73
6d2010ae	74	uint32_t system_inshutdown = 0;
b0d623f7	75
2d21ac55	76	/* XXX should be in a header file somewhere, but isn't */
b0d623f7	77	extern void (*unmountroot_pre_hook)(void);
2d21ac55	78
b0d623f7	79	unsigned int proc_shutdown_exitcount = 0;
2d21ac55	80
b0d623f7 A	81	static int sd_openlog(vfs_context_t);
	82	static int sd_closelog(vfs_context_t);
	83	static void sd_log(vfs_context_t, const char *, ...);
2d21ac55	84	static void proc_shutdown(void);
3e170ce0	85	static void kernel_hwm_panic_info(void);
2d21ac55 A	86	extern void IOSystemShutdownNotification(void);
	87
	88	struct sd_filterargs{
	89	int delayterm;
	90	int shutdownstate;
	91	};
	92
	93
	94	struct sd_iterargs {
b0d623f7 A	95	int signo; /* the signal to be posted */
	96	int setsdstate; /* shutdown state to be set */
	97	int countproc; /* count processes on action */
	98	int activecount; /* number of processes on which action was done */
2d21ac55 A	99	};
2d21ac55 A	100
b0d623f7 A	101	static vnode_t sd_logvp = NULLVP;
	102	static off_t sd_log_offset = 0;
	103
	104
2d21ac55 A	105	static int sd_filt1(proc_t, void *);
	106	static int sd_filt2(proc_t, void *);
	107	static int sd_callback1(proc_t p, void * arg);
	108	static int sd_callback2(proc_t p, void * arg);
	109	static int sd_callback3(proc_t p, void * arg);
1c79356b	110
3e170ce0 A	111	extern boolean_t panic_include_zprint;
	112	extern vm_offset_t panic_kext_memory_info;
	113	extern vm_size_t panic_kext_memory_size;
	114
	115	static void
	116	kernel_hwm_panic_info(void)
	117	{
	118	mach_memory_info_t *memory_info;
	119	unsigned int num_sites;
	120	kern_return_t kr;
	121
	122	panic_include_zprint = TRUE;
	123	panic_kext_memory_info = 0;
	124	panic_kext_memory_size = 0;
	125
	126	num_sites = VM_KERN_MEMORY_COUNT + VM_KERN_COUNTER_COUNT;
	127	panic_kext_memory_size = round_page(num_sites * sizeof(mach_zone_info_t));
	128
	129	kr = kmem_alloc(kernel_map, (vm_offset_t *) &panic_kext_memory_info, panic_kext_memory_size, VM_KERN_MEMORY_OSFMK);
	130	if (kr != KERN_SUCCESS) {
	131	panic_kext_memory_info = 0;
	132	return;
	133	}
	134	memory_info = (mach_memory_info_t *)panic_kext_memory_info;
	135	vm_page_diagnose(memory_info, num_sites);
	136	return;
	137	}
	138
6d2010ae	139	int
3e170ce0	140	reboot_kernel(int howto, char *message)
1c79356b	141	{
1c79356b	142	int hostboot_option=0;
1c79356b	143
6d2010ae A	144	if (!OSCompareAndSwap(0, 1, &system_inshutdown)) {
	145	if ( (howto&RB_QUICK) == RB_QUICK)
	146	goto force_reboot;
	147	return (EBUSY);
	148	}
	149	/*
	150	* Temporary hack to notify the power management root domain
	151	* that the system will shut down.
	152	*/
2d21ac55 A	153	IOSystemShutdownNotification();
2d21ac55 A	154
6d2010ae	155	if ((howto&RB_QUICK)==RB_QUICK) {
b0d623f7 A	156	printf("Quick reboot...\n");
b0d623f7 A	157	if ((howto&RB_NOSYNC)==0) {
3e170ce0	158	sync((proc_t)NULL, (void )NULL, (int )NULL);
b0d623f7 A	159	}
b0d623f7 A	160	}
6d2010ae	161	else if ((howto&RB_NOSYNC)==0) {
1c79356b A	162	int iter, nbusy;
1c79356b A	163
1c79356b A	164	printf("syncing disks... ");
	165
	166	/*
	167	* Release vnodes held by texts before sync.
	168	*/
	169
3e170ce0	170	/* handle live procs (deallocate their root and current directories), suspend initproc */
1c79356b A	171	proc_shutdown();
1c79356b A	172
b0d623f7	173	#if CONFIG_AUDIT
6d2010ae	174	audit_shutdown();
2d21ac55	175	#endif
55e303ae	176
b0d623f7 A	177	if (unmountroot_pre_hook != NULL)
	178	unmountroot_pre_hook();
	179
3e170ce0	180	sync((proc_t)NULL, (void )NULL, (int )NULL);
1c79356b	181
b0d623f7 A	182	if (kdebug_enable)
	183	kdbg_dump_trace_to_file("/var/log/shutdown/shutdown.trace");
	184
1c79356b A	185	/*
	186	* Unmount filesystems
	187	*/
91447636	188	vfs_unmountall();
1c79356b A	189
1c79356b A	190	/* Wait for the buffer cache to clean remaining dirty buffers */
91447636	191	for (iter = 0; iter < 100; iter++) {
1c79356b A	192	nbusy = count_busy_buffers();
	193	if (nbusy == 0)
	194	break;
	195	printf("%d ", nbusy);
2d21ac55	196	delay_for_interval( 1 * nbusy, 1000 * 1000);
1c79356b A	197	}
	198	if (nbusy)
	199	printf("giving up\n");
	200	else
	201	printf("done\n");
	202	}
2d21ac55	203	#if NETWORKING
1c79356b A	204	/*
	205	* Can't just use an splnet() here to disable the network
	206	* because that will lock out softints which the disk
	207	* drivers depend on to finish DMAs.
	208	*/
	209	if_down_all();
2d21ac55	210	#endif /* NETWORKING */
1c79356b	211
6d2010ae	212	force_reboot:
3e170ce0 A	213
	214	if (howto & RB_PANIC) {
	215	if (strncmp(message, "Kernel memory has exceeded limits", 33) == 0) {
	216	kernel_hwm_panic_info();
	217	}
	218	panic ("userspace panic: %s", message);
	219	}
	220
1c79356b A	221	if (howto & RB_POWERDOWN)
	222	hostboot_option = HOST_REBOOT_HALT;
	223	if (howto & RB_HALT)
	224	hostboot_option = HOST_REBOOT_HALT;
1c79356b	225
6d2010ae A	226	if (howto & RB_UPSDELAY) {
	227	hostboot_option = HOST_REBOOT_UPSDELAY;
	228	}
0c530ab8	229
1c79356b	230	host_reboot(host_priv_self(), hostboot_option);
6d2010ae A	231	/*
	232	* should not be reached
	233	*/
	234	return (0);
1c79356b A	235	}
1c79356b A	236
b0d623f7 A	237	static int
	238	sd_openlog(vfs_context_t ctx)
	239	{
	240	int error = 0;
	241	struct timeval tv;
	242
	243	/* Open shutdown log */
	244	if ((error = vnode_open(PROC_SHUTDOWN_LOG, (O_CREAT \| FWRITE \| O_NOFOLLOW), 0644, 0, &sd_logvp, ctx))) {
	245	printf("Failed to open %s: error %d\n", PROC_SHUTDOWN_LOG, error);
	246	sd_logvp = NULLVP;
	247	return error;
	248	}
	249
	250	vnode_setsize(sd_logvp, (off_t)0, 0, ctx);
	251
	252	/* Write a little header */
	253	microtime(&tv);
	254	sd_log(ctx, "Process shutdown log. Current time is %lu (in seconds).\n\n", tv.tv_sec);
	255
	256	return 0;
	257	}
	258
	259	static int
	260	sd_closelog(vfs_context_t ctx)
	261	{
	262	int error = 0;
	263	if (sd_logvp != NULLVP) {
	264	VNOP_FSYNC(sd_logvp, MNT_WAIT, ctx);
	265	error = vnode_close(sd_logvp, FWRITE, ctx);
	266	}
	267
	268	return error;
	269	}
	270
	271	static void
	272	sd_log(vfs_context_t ctx, const char *fmt, ...)
	273	{
	274	int resid, log_error, len;
	275	char logbuf[100];
	276	va_list arglist;
	277
	278	/* If the log isn't open yet, open it */
	279	if (sd_logvp == NULLVP) {
	280	if (sd_openlog(ctx) != 0) {
	281	/* Couldn't open, we fail out */
	282	return;
	283	}
	284	}
	285
	286	va_start(arglist, fmt);
	287	len = vsnprintf(logbuf, sizeof(logbuf), fmt, arglist);
	288	log_error = vn_rdwr(UIO_WRITE, sd_logvp, (caddr_t)logbuf, len, sd_log_offset,
	289	UIO_SYSSPACE, IO_UNIT \| IO_NOAUTH, vfs_context_ucred(ctx), &resid, vfs_context_proc(ctx));
	290	if (log_error == EIO \|\| log_error == 0) {
	291	sd_log_offset += (len - resid);
	292	}
	293
	294	va_end(arglist);
	295
	296	}
	297
2d21ac55 A	298	static int
	299	sd_filt1(proc_t p, void * args)
	300	{
	301	proc_t self = current_proc();
	302	struct sd_filterargs * sf = (struct sd_filterargs *)args;
	303	int delayterm = sf-> delayterm;
	304	int shutdownstate = sf->shutdownstate;
	305
	306	if (((p->p_flag&P_SYSTEM) != 0) \|\| (p->p_ppid == 0)
	307	\|\|(p == self) \|\| (p->p_stat == SZOMB)
	308	\|\| (p->p_shutdownstate != shutdownstate)
	309	\|\|((delayterm == 0) && ((p->p_lflag& P_LDELAYTERM) == P_LDELAYTERM))
	310	\|\| ((p->p_sigcatch & sigmask(SIGTERM))== 0)) {
	311	return(0);
	312	}
	313	else
	314	return(1);
	315	}
	316
	317
	318	static int
	319	sd_callback1(proc_t p, void * args)
	320	{
	321	struct sd_iterargs * sd = (struct sd_iterargs *)args;
	322	int signo = sd->signo;
	323	int setsdstate = sd->setsdstate;
b0d623f7	324	int countproc = sd->countproc;
2d21ac55 A	325
	326	proc_lock(p);
	327	p->p_shutdownstate = setsdstate;
	328	if (p->p_stat != SZOMB) {
	329	proc_unlock(p);
b0d623f7 A	330	if (countproc != 0) {
	331	proc_list_lock();
	332	p->p_listflag \|= P_LIST_EXITCOUNT;
	333	proc_shutdown_exitcount++;
	334	proc_list_unlock();
	335	}
	336
2d21ac55	337	psignal(p, signo);
b0d623f7 A	338	if (countproc != 0)
b0d623f7 A	339	sd->activecount++;
2d21ac55 A	340	} else
	341	proc_unlock(p);
	342	return(PROC_RETURNED);
2d21ac55 A	343	}
	344
	345	static int
	346	sd_filt2(proc_t p, void * args)
	347	{
	348	proc_t self = current_proc();
	349	struct sd_filterargs * sf = (struct sd_filterargs *)args;
	350	int delayterm = sf-> delayterm;
	351	int shutdownstate = sf->shutdownstate;
	352
	353	if (((p->p_flag&P_SYSTEM) != 0) \|\| (p->p_ppid == 0)
	354	\|\|(p == self) \|\| (p->p_stat == SZOMB)
	355	\|\| (p->p_shutdownstate == shutdownstate)
	356	\|\|((delayterm == 0) && ((p->p_lflag& P_LDELAYTERM) == P_LDELAYTERM))) {
	357	return(0);
	358	}
	359	else
	360	return(1);
	361	}
	362
	363	static int
	364	sd_callback2(proc_t p, void * args)
	365	{
	366	struct sd_iterargs * sd = (struct sd_iterargs *)args;
	367	int signo = sd->signo;
	368	int setsdstate = sd->setsdstate;
b0d623f7	369	int countproc = sd->countproc;
2d21ac55 A	370
	371	proc_lock(p);
	372	p->p_shutdownstate = setsdstate;
	373	if (p->p_stat != SZOMB) {
	374	proc_unlock(p);
b0d623f7 A	375	if (countproc != 0) {
	376	proc_list_lock();
	377	p->p_listflag \|= P_LIST_EXITCOUNT;
	378	proc_shutdown_exitcount++;
	379	proc_list_unlock();
	380	}
2d21ac55	381	psignal(p, signo);
b0d623f7 A	382	if (countproc != 0)
b0d623f7 A	383	sd->activecount++;
2d21ac55 A	384	} else
	385	proc_unlock(p);
	386
	387	return(PROC_RETURNED);
	388
	389	}
	390
	391	static int
	392	sd_callback3(proc_t p, void * args)
	393	{
	394	struct sd_iterargs * sd = (struct sd_iterargs *)args;
b0d623f7 A	395	vfs_context_t ctx = vfs_context_current();
b0d623f7 A	396
2d21ac55 A	397	int setsdstate = sd->setsdstate;
	398
	399	proc_lock(p);
	400	p->p_shutdownstate = setsdstate;
	401	if (p->p_stat != SZOMB) {
	402	/*
	403	* NOTE: following code ignores sig_lock and plays
	404	* with exit_thread correctly. This is OK unless we
	405	* are a multiprocessor, in which case I do not
	406	* understand the sig_lock. This needs to be fixed.
	407	* XXX
	408	*/
	409	if (p->exit_thread) { /* someone already doing it */
	410	proc_unlock(p);
	411	/* give him a chance */
	412	thread_block(THREAD_CONTINUE_NULL);
	413	} else {
	414	p->exit_thread = current_thread();
	415	printf(".");
b0d623f7 A	416
	417	sd_log(ctx, "%s[%d] had to be forced closed with exit1().\n", p->p_comm, p->p_pid);
	418
2d21ac55	419	proc_unlock(p);
b0d623f7 A	420	KERNEL_DEBUG_CONSTANT(BSDDBG_CODE(DBG_BSD_PROC, BSD_PROC_FRCEXIT) \| DBG_FUNC_NONE,
	421	p->p_pid, 0, 1, 0, 0);
	422	sd->activecount++;
2d21ac55 A	423	exit1(p, 1, (int *)NULL);
	424	}
	425	} else
	426	proc_unlock(p);
	427
	428	return(PROC_RETURNED);
	429	}
	430
	431
1c79356b A	432	/*
	433	* proc_shutdown()
	434	*
	435	* Shutdown down proc system (release references to current and root
	436	* dirs for each process).
	437	*
	438	* POSIX modifications:
	439	*
	440	* For POSIX fcntl() file locking call vno_lockrelease() on
	441	* the file to release all of its record locks, if any.
	442	*/
	443
	444	static void
2d21ac55	445	proc_shutdown(void)
1c79356b	446	{
b0d623f7 A	447	vfs_context_t ctx = vfs_context_current();
b0d623f7 A	448	struct proc p, self;
91447636	449	int delayterm = 0;
2d21ac55 A	450	struct sd_filterargs sfargs;
2d21ac55 A	451	struct sd_iterargs sdargs;
b0d623f7 A	452	int error = 0;
b0d623f7 A	453	struct timespec ts;
1c79356b A	454
	455	/*
	456	* Kill as many procs as we can. (Except ourself...)
	457	*/
0b4e3aa0	458	self = (struct proc *)current_proc();
1c79356b A	459
1c79356b A	460	/*
91447636 A	461	* Signal the init with SIGTERM so that he does not launch
91447636 A	462	* new processes
1c79356b	463	*/
2d21ac55	464	p = proc_find(1);
91447636 A	465	if (p && p != self) {
	466	psignal(p, SIGTERM);
	467	}
2d21ac55	468	proc_rele(p);
1c79356b	469
1c79356b A	470	printf("Killing all processes ");
1c79356b A	471
2d21ac55	472	sigterm_loop:
1c79356b A	473	/*
	474	* send SIGTERM to those procs interested in catching one
	475	*/
2d21ac55 A	476	sfargs.delayterm = delayterm;
	477	sfargs.shutdownstate = 0;
	478	sdargs.signo = SIGTERM;
	479	sdargs.setsdstate = 1;
b0d623f7 A	480	sdargs.countproc = 1;
b0d623f7 A	481	sdargs.activecount = 0;
2d21ac55	482
b0d623f7	483	error = 0;
2d21ac55 A	484	/* post a SIGTERM to all that catch SIGTERM and not marked for delay */
2d21ac55 A	485	proc_rebootscan(sd_callback1, (void )&sdargs, sd_filt1, (void )&sfargs);
91447636	486
b0d623f7	487	if (sdargs.activecount != 0 && proc_shutdown_exitcount!= 0) {
2d21ac55	488	proc_list_lock();
b0d623f7 A	489	if (proc_shutdown_exitcount != 0) {
	490	/*
	491	* now wait for up to 30 seconds to allow those procs catching SIGTERM
	492	* to digest it
	493	* as soon as these procs have exited, we'll continue on to the next step
	494	*/
	495	ts.tv_sec = 30;
	496	ts.tv_nsec = 0;
	497	error = msleep(&proc_shutdown_exitcount, proc_list_mlock, PWAIT, "shutdownwait", &ts);
	498	if (error != 0) {
	499	for (p = allproc.lh_first; p; p = p->p_list.le_next) {
	500	if ((p->p_listflag & P_LIST_EXITCOUNT) == P_LIST_EXITCOUNT)
	501	p->p_listflag &= ~P_LIST_EXITCOUNT;
	502	}
	503	for (p = zombproc.lh_first; p; p = p->p_list.le_next) {
	504	if ((p->p_listflag & P_LIST_EXITCOUNT) == P_LIST_EXITCOUNT)
	505	p->p_listflag &= ~P_LIST_EXITCOUNT;
	506	}
91447636	507	}
b0d623f7	508
1c79356b	509	}
2d21ac55	510	proc_list_unlock();
1c79356b	511	}
b0d623f7	512	if (error == ETIMEDOUT) {
91447636	513	/*
55e303ae A	514	* log the names of the unresponsive tasks
55e303ae A	515	*/
91447636	516
2d21ac55 A	517
	518	proc_list_lock();
	519
b0d623f7	520	for (p = allproc.lh_first; p; p = p->p_list.le_next) {
91447636	521	if (p->p_shutdownstate == 1) {
b0d623f7 A	522	printf("%s[%d]: didn't act on SIGTERM\n", p->p_comm, p->p_pid);
b0d623f7 A	523	sd_log(ctx, "%s[%d]: didn't act on SIGTERM\n", p->p_comm, p->p_pid);
91447636	524	}
55e303ae	525	}
2d21ac55 A	526
	527	proc_list_unlock();
	528
	529	delay_for_interval(1000 * 5, 1000 * 1000);
55e303ae	530	}
1c79356b A	531
	532	/*
	533	* send a SIGKILL to all the procs still hanging around
	534	*/
2d21ac55 A	535	sfargs.delayterm = delayterm;
	536	sfargs.shutdownstate = 2;
	537	sdargs.signo = SIGKILL;
	538	sdargs.setsdstate = 2;
b0d623f7 A	539	sdargs.countproc = 1;
b0d623f7 A	540	sdargs.activecount = 0;
2d21ac55	541
b0d623f7	542	/* post a SIGKILL to all that catch SIGTERM and not marked for delay */
2d21ac55	543	proc_rebootscan(sd_callback2, (void )&sdargs, sd_filt2, (void )&sfargs);
91447636	544
b0d623f7	545	if (sdargs.activecount != 0 && proc_shutdown_exitcount!= 0) {
2d21ac55	546	proc_list_lock();
b0d623f7 A	547	if (proc_shutdown_exitcount != 0) {
	548	/*
	549	* wait for up to 60 seconds to allow these procs to exit normally
	550	*
	551	* History: The delay interval was changed from 100 to 200
	552	* for NFS requests in particular.
	553	*/
	554	ts.tv_sec = 60;
	555	ts.tv_nsec = 0;
	556	error = msleep(&proc_shutdown_exitcount, proc_list_mlock, PWAIT, "shutdownwait", &ts);
	557	if (error != 0) {
	558	for (p = allproc.lh_first; p; p = p->p_list.le_next) {
	559	if ((p->p_listflag & P_LIST_EXITCOUNT) == P_LIST_EXITCOUNT)
	560	p->p_listflag &= ~P_LIST_EXITCOUNT;
	561	}
	562	for (p = zombproc.lh_first; p; p = p->p_list.le_next) {
	563	if ((p->p_listflag & P_LIST_EXITCOUNT) == P_LIST_EXITCOUNT)
	564	p->p_listflag &= ~P_LIST_EXITCOUNT;
	565	}
	566	}
1c79356b	567	}
2d21ac55	568	proc_list_unlock();
1c79356b A	569	}
	570
	571	/*
	572	* if we still have procs that haven't exited, then brute force 'em
	573	*/
2d21ac55 A	574	sfargs.delayterm = delayterm;
	575	sfargs.shutdownstate = 3;
	576	sdargs.signo = 0;
	577	sdargs.setsdstate = 3;
b0d623f7 A	578	sdargs.countproc = 0;
b0d623f7 A	579	sdargs.activecount = 0;
4a249263	580
2d21ac55 A	581	/* post a SIGTERM to all that catch SIGTERM and not marked for delay */
	582	proc_rebootscan(sd_callback3, (void )&sdargs, sd_filt2, (void )&sfargs);
	583	printf("\n");
91447636 A	584
	585	/* Now start the termination of processes that are marked for delayed termn */
	586	if (delayterm == 0) {
	587	delayterm = 1;
	588	goto sigterm_loop;
1c79356b	589	}
b0d623f7 A	590
	591	sd_closelog(ctx);
	592
3e170ce0 A	593	/*
	594	* Now that all other processes have been terminated, suspend init
	595	*/
	596	task_suspend_internal(initproc->task);
	597
2d21ac55 A	598	/* drop the ref on initproc */
2d21ac55 A	599	proc_rele(initproc);
1c79356b A	600	printf("continuing\n");
	601	}
	602